The Supreme Court recently adjourned the writ petition which sought for formulation of new guidelines to combat hacking, cyber crimes, data theft and allied issues for November 26, 2021.
The bench of Justices AM Khanwilkar and CT Ravikumar directed Advocate Vivek Narayan Sharma appearing for the petitioner to serve an advance copy of the petition to Centre's (Ministry of Electronics and Information Technology) Standing Counsel.
The petition had sought for guidelines for creation of:
- Toll-free complaint and redressal centres for cases of social media hacks, cyber crimes and data breach.
- New posts in cyber cells.
- Filling cyber cells with technical experts at the District level in every State.
- A temporary body with extensive powers to look into data breaches and redressal.
- Data Protection Rights and Cyber Security measures which would strengthen public trust.
It was argued that lack of a central authority or a central body with pan-India jurisdiction to tackle cases created huge bottlenecks for the smooth operation of cyber cells.
"In 2016, over 30 lakh debit card details were made public in a major data breach. Similarly, the Aadhaar Data Breach is considered as the World's largest data breach and if one has to go on with the list, the ramifications are way too high," the petition stated.
Petitioners in this backdrop had also contended that this defeated the purpose of having cyber cells because such cyber crimes and data theft spanned in different states and jurisdictions and created issues like jurisdiction and infrastructure scarcity.
Preferred by Advocate Shubham Awasthi, the petition had also sought for issuance of directions to the Centre to come up with Data Protection Rules and policies for multinational corporations.
"Programs like 'Digital India' cannot succeed in achieving their objectives unless collective action is taken by all government departments to ensure real -governance. And e-security has to be a critical element of this drive. So far, cybersecurity in India has not received the attention it deserves," the petition stated.
The petitioner had also averred that the present legal scenario in India had no understanding of personal data and the IT Act only talked about Personal Information which could be a term open to interpretation.
"Under current laws, businesses are not obliged to report data breaches. Consumers are often none the wiser if their information has been stolen," petition stated in this regards.
The writ petition had also sought for guidelines for the purpose of:
- Investigation of offences of hacking/cyber bullying/cyber extortion and allied crimes in a time bound and effective manner to ensure such complaints reaching conclusion.
- Identifying the point of origin of the cyber crimes that violate public order/incite hatred/create tension in the society on the grounds of race, religion, caste, creed, gender or sexual orientation or misleading information about things of scientific nature of government emergency broadcasts from the companies/organisations/institutions which facilitate such medium.
- Handling the incidents of public data breach, cyber bullying/extortion in the future.
- Sharing information about breaches with concerned individuals/users to provide them with necessary help.